Earlier versions of Occupational Health and Safety standards have advocated risk management and risk avoidance, but it has been implicit. The new ISO 45001:2018 standard explicitly expects organizations to identify workplace hazards and address risks associated with their operations, processes, and activities, aimed at and resulting in improved OH&S performance. Besides identifying the risks, the new ISO standard expects user organizations to address opportunities for improvements and corrective actions based on the risk analysis. Note that while corrective action is a requirement of ISO 45001 :2018, the concept of preventive action is expressed through a risk-based approach where risks are determined and actions to address risks and opportunities are taken. The standard does not require you to create a formal risk management system. However, this risk analysis exercise is intended to outline several approaches / options for the management of risk at your company. To prepare for the change, it is important to understand Risk Based Thinking and begin to look at your operations, processes, and activities in terms of hazards and risks. Risk is the possibility of an event or activity negatively impacting the operational or strategic objectives of an organization.